Rosa Yu

**Name of the Vulnerable Software and Affected Versions** PackageKit versions prior to 1.3.6 **Description** An issue exists in the API component within the `g file test()` function of the `src/pk-transaction.c` file. Remote manipulation of the `frontend-socket` argument can lead to improper authorization. **Recommendations** Update to a version later than 1.3.5. As a temporary mitigation, restrict access to the `frontend-socket` argument in the API component.